26th July 2021 – Directors and officers (D&O) of financial service firms have been hit with over £196m in large fines from regulatory bodies since 2020, research from insurance risk and commercial law firm BLM has revealed through its D&O Tracker.*

Analysis of the latest data revealed that since 2016, 62 fines were handed down to key financial services personnel totalling over £480m. Of the cases tracked over the last five years, 38 were brought against companies classed as SMEs, 25 of these being classed as micro (based on generating turnover of up to £2m).

The research highlights the need for comprehensive D&O insurance for firms of all sizes, as they continue to contend with the financial impact and insecurity as a result of the pandemic and its impact to the economy.

BLM’s D&O Tracker monitors fines from four major UK regulators, including the Financial Conduct Authority (FCA), Serious Fraud Office (SFO), Information Commissioner’s Office (ICO) and the Crown Prosecution Service (CPS).

It has revealed an increasing trend towards fines levelled by the ICO for privacy breaches under GDPR and Data Protection regulations, often as a result of unsolicited, nuisance marketing activity.

This includes a case against American Express, concluded in May 2021, for sending over 4m marketing emails. Though American Express argued these could be classed as services emails, the ICO ultimately decided the communication was for marketing purposes, fining the financial services corporation £90,000.

The ICO also issued fines totalling £330,000 against Valca Vehicle Ltd. and Leads Work Ltd. in March 2021, for sending millions of unsolicited messages that prompted thousands of complaints. Both companies were found in violation of the Privacy and Electronic Communications Regulations 2003. Valca appointed a voluntary liquidator 21 days after the ICO published the outcome of the case.

The Tracker also collates custodial sentences associated with each case, with 24 company directors or officers receiving sentences totalling 154 years.

Alex Traill, Professional Indemnity Partner at BLM, commented: “With the financial services sector tightly regulated, the risk of substantial punitive action in the event of breaches or non-compliance is inevitable. However, this risk can be even greater in the event that a company does not have adequate D&O protection. Fines can be imposed when a company is found not to have adequate insurance to cover the initial fine – creating a double-edged sword through lack of cover.

“As our Tracker data reveals, it’s a particularly pertinent issue for smaller companies. We typically see a coverage gap for SMEs, either through a lack of awareness around D&O protection, or because there’s a belief that the company doesn’t require cover. These figures show that simply isn’t the case, with D&Os of companies of all sizes handed hefty fines or even custodial sentences.”

Traill continued: “The ICO fines in particular are concerning. Even though the introduction of GDPR in 2018 has helped to raise awareness of the risks associated with improper data protection or nuisance marketing activity, our research has highlighted that many D&Os are still seeing fines levelled against them as a result of improper activity. Therefore, it’s crucial to have full oversight of every aspect of your business, otherwise D&Os may well end up paying significant sums in the event of improper activity.”

D&O policies provide liability cover for company managers of all levels, to protect from claims, reputational damage and legal costs following decisions and actions taken within the scope of their duties.

BLM’s D&O Tracker is freely available for corporates, insurers and brokers to access. For further details and to download the Tracker, please click here.

*The data in this document has been aggregated from four leading regulators; Serious Fraud Office, Financial Conduct Authority, Information Commissioner’s Office and the Crown Prosecution Service, and primarily focuses on fines of £50,000 and above from 1 January 2016. BLM has taken all reasonable steps to ensure the information contained is correct but accepts no liability for the accuracy of the content. We will endeavour to update our Tracker on a quarterly basis. This data does not include decisions from the FOS (where fines are relatively low value), the Environment Agency (which applies to a limited number of sectors) and the Health & Safety Executive (our Health and Safety Sentencing Tracker includes details of HSE prosecutions).